You are on page 1of 18

<Insert Picture Here>

Clouds: What’s new is old is new…
Joseph Alhadeff, VP Global Public Policy; CPO, Oracle

Cloud Computing. Hard to Define .

.. This cloud model promotes availability and is composed of five essential characteristics. storage. servers. and four deployment models. applications. on-demand network access to a shared pool of configurable computing resources (e.g. networks. three service models.NIST Definition v15… Cloud computing is a model for enabling convenient. and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

mission. The cloud infrastructure is a composition of two or more clouds (private. It may be managed by the organizations or a third party and may exist on premise or off premise. or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e. security requirements. community. Hybrid cloud. Community cloud. policy.g. and compliance considerations). cloud bursting for load-balancing between clouds). Public cloud.. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services..Characteristics/Deployment models (NIST) • On-demand self-service • Broad network access • Resource pooling • Rapid elasticity • Measured Service • • • • Private cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e. It may be managed by the organization or a third party and may exist on premise or off premise. The cloud infrastructure is operated solely for an organization. .g.

operating systems. storage. The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The capability provided to the consumer is to provision processing. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems. Cloud Platform as a Service (PaaS). or even individual application capabilities. which can include operating systems and applications. host firewalls). but has control over the deployed applications and possibly application hosting environment configurations. deployed applications. servers. and possibly limited control of select networking components (e. with the possible exception of limited user-specific application configuration settings. The consumer does not manage or control the underlying cloud infrastructure including network. servers..Service Models (NIST) • Cloud Software as a Service (SaaS). • • . web-based email). storage. storage. networks. or storage. and other fundamental computing resources where the consumer is able to deploy and run arbitrary software.g. Cloud Infrastructure as a Service (IaaS). The consumer does not manage or control the underlying cloud infrastructure including network. operating systems.g.. The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The applications are accessible from various client devices through a thin client interface such as a web browser (e.


leveraging virtualization for data center efficiencies and faster networks Adoption SaaS (Software as a Service) model with multi-tenant hosting of applications ASP (Application Service Provider) model with single tenant hosting of applications John McCarthy proposed 'computer time-sharing technology' to be sold through utility business model (like electricity) in a lecture at MIT 1961 Mid 90’s Early 00’s Late 00’s Time .Evolution Over The Years Cloud Computing with pay as you go model.

coupled with scope of availability and ease of use are part of what’s new • The access and availability of computing. storage and applications enables individual users to be content creators. • Are existing regulatory paradigms relevant or applicable? . • Further developments and roles are expanding in new and innovative ways.New? • Cloud computing is an amalgam of mostly existing technologies and services • Some use models. publishers and application developers.

Virtual machines … can be moved around while running. They can have an identical twin which takes over should the original fail.Virtualization Virtualization is “separating the computing workload from the hardware. 2008 *Quoting Paul Maritz of VMware . all sorts of possibilities open up. And they can be sold prepackaged as “virtual appliances”…eventually to turn a data centre—or even several of them—into a single pool of computing.”* Once computers have become more or less disembodied. storage and networking resources that can be allocated as needed. Oct 23. The Economist: Special Report – Where the Cloud Meets the Ground. perhaps to concentrate them on one server to save energy.

Cloud Computing Architecture Web Services Virtual Machines Dynamic Application Provisioning CRM Database BI Virtualization Layer Email Commodity Hardware .

Cloud Computing – Benefits • • • • • • • • • • Reduce capital expenditures Low barrier to entry Scalable infrastructure Cost-effective – Pay for what you use Acquire resources on demand Release resources when not needed Virtually infinite compute and storage resources Turn Organization’s fixed cost into variable cost May improve security Patch management/professionally managed services .

Cloud Computing Vs. less direct control Slow for part-cloud. high Slow to scale Pay per use. part-outside applications Fast for fully cloud based applications . Traditional Hosting – Key Differences Aspect Traditional Hosting Cloud Computing Procurement Cycle Weeks/Months Minutes Deployment Cycle Weeks/Months Minutes Total Cost Flexibility Application Owner Connectivity Physical Deployment Architecture Application Performance Relatively fixed. more control Fast Internet Less transparent. low Fast to scale (up or down) Dedicated link/VPN More transparent.

Familiar Questions… • Cloud? • Abstraction Layer • • • • • • Where is my information? Who controls it? Who has access? How is being used? Who is it being shared with? Who is looking out for my interests? .

Cloud computing – operational concerns: the back end  Performance/availability/Service Level  Support  Interoperability  Audits/Oversight  Termination/Lock-in  Less by design and more by inertia…  Role of open standards  Portability .

Cloud computing – legal concerns  Privacy International data transfers Consistent treatment Lawful access issues  Export control  Data breach notification laws  Data retention laws  E-discovery  Government regulation Jurisdiction/Conflict of Laws .

Cloud computing – contractual concerns  All of the operational/legal issues plus  Data ownership  IP  Limitation of liability issues  SLAs  Indemnities Subcontracting  Dispute resolution  Audits Notice/ consent for transfer. where applicable .

Desirable characteristics • Extended corporate controls • Good security/privacy policies. patched • 24x7x356 service • Mapping to legal requirements • *Tools – • PIA. Audit reports. practices and controls* • Up-to-date. Gap Analysis to 27001 • Privacy/Security by Design • Ecosystem Accountability .